Page 3 of 3 FirstFirst 123
Results 21 to 30 of 30

Thread: WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

  1. #21
    Pathan's Avatar
    Pathan is offline Newbie Net Builder
    Join Date
    Aug 2009
    Posts
    42
    Thanks
    6
    Thanked 2 Times in 2 Posts
    Yeah just upgraded all my blogs, thank for the info

  2. #22
    deluxdon's Avatar
    deluxdon is offline Catch Me If you Can....
    Join Date
    Jun 2009
    Location
    Deluxdon.In
    Posts
    591
    Blog Entries
    1
    Thanks
    21
    Thanked 66 Times in 59 Posts
    Thanks for the alert.

    BTW WP version above 2.7 safe or not ?

    DON.

  3. #23
    oxuro's Avatar
    oxuro is offline Extreme Developement going on..
    Join Date
    Sep 2009
    Location
    Greece
    Posts
    121
    Thanks
    3
    Thanked 13 Times in 11 Posts
    A mate of mine told me a day or two ago about that issue but to be honest i was so lazy to upgrade it (what the hell...i had just to press a button to upgrade it but still too lazy xD) anywayz after reading the article from mashable i went asap and upgrade it xD

  4. #24
    dodolls is offline Wide Traveler
    Join Date
    Aug 2009
    Posts
    40
    Thanks
    3
    Thanked 4 Times in 4 Posts
    Thanks for the alert. Upgrading my blog to the latest version. Are there any other clues that will tell you that your site has been attacked? Haven't updated my blog lately and I'm afraid that it might be infected.

  5. #25
    bogart's Avatar
    bogart is offline Super Moderator
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Thanks
    1,886
    Thanked 776 Times in 609 Posts
    Some users are reporting memory issues with wordpress 2.8.x

    Quote Originally Posted by dodolls View Post
    Thanks for the alert. Upgrading my blog to the latest version. Are there any other clues that will tell you that your site has been attacked? Haven't updated my blog lately and I'm afraid that it might be infected.
    There are two clues that your WordPress site has been attacked.

    There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFER ER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

    The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account.
    WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

  6. #26
    nessie's Avatar
    nessie is offline Newbie Net Builder
    Join Date
    Dec 2008
    Location
    /root
    Posts
    59
    Thanks
    10
    Thanked 6 Times in 6 Posts
    Is the "hidden" admin attacker account visible in Users section in WP admin interface or need to dig the database to find it?

  7. #27
    5starpix's Avatar
    5starpix is offline Senior Net Builder
    Join Date
    Dec 2008
    Location
    Montreal, Quebec
    Posts
    1,710
    Blog Entries
    9
    Thanks
    158
    Thanked 227 Times in 164 Posts
    I have had a issue with people going to

    http://www.mydomain.com/2009/09/my-post-title/%quote

    I have no idea where the %quote is coming from, but its only after the update to 2.8.x

    I don't have that link on any of my pages

  8. #28
    Hellas's Avatar
    Hellas is offline Very Unusual Member
    Join Date
    Dec 2008
    Location
    Bosnia
    Posts
    1,051
    Thanks
    214
    Thanked 292 Times in 205 Posts
    One of my upgraded and normal site just got defaced but I think it is up to host.

    They somehow managed password for my wordpress installation and they just edited index.php, but hacker could easily delete the whole site...


    It was WP 2.8.4.

  9. #29
    Snak3's Avatar
    Snak3 is offline Moderator
    Join Date
    Jul 2009
    Location
    Undisclosed Location
    Posts
    629
    Thanks
    155
    Thanked 190 Times in 121 Posts
    Quote Originally Posted by Hellas View Post
    One of my upgraded and normal site just got defaced but I think it is up to host.

    They somehow managed password for my wordpress installation and they just edited index.php, but hacker could easily delete the whole site...


    It was WP 2.8.4.
    Really sad to hear that. Have you checked your server logs?

  10. #30
    Hellas's Avatar
    Hellas is offline Very Unusual Member
    Join Date
    Dec 2008
    Location
    Bosnia
    Posts
    1,051
    Thanks
    214
    Thanked 292 Times in 205 Posts
    Quote Originally Posted by Snak3 View Post
    Really sad to hear that. Have you checked your server logs?
    I am lazy just restored backup and changed passwords.

    Will bother with that if they continue to hack it

Page 3 of 3 FirstFirst 123

Similar Threads

  1. Wordpress Automatic Upgrade Problem
    By Pathan in forum Wordpress
    Replies: 9
    Last Post: 13 September, 2009, 07:39 AM
  2. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM
  3. Replies: 0
    Last Post: 2 August, 2009, 06:59 AM
  4. Wordpress 2.8.1 upgrade mandatory
    By sizzler_chetan in forum Wordpress
    Replies: 3
    Last Post: 11 July, 2009, 21:01 PM
  5. SEO Tip for Wordpress users.
    By mega in forum Promoting
    Replies: 0
    Last Post: 10 May, 2009, 23:58 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •